brucek@uunet.uu.net (Bruce Klein) (01/26/91)
While running cops on a newly installed Sparcstation SLC, I noticed the following files were shipped as world writable: /etc/aliases.dir /etc/aliases.pag /etc/mtab /etc/remote /etc/sm /etc/sm.bak /etc/state /etc/utmp Is there a good reason for any of these files to be world writable, or can I restrict access? Thanks for your help. [[Ed's Note: I don't see any problems restricting access access (at least to only group and owner writable). Sun is notorious for the "secure" network mode of shipping Suns. You might want to check your /etc/hosts.equiv file while you're at it. :) -bdg]] Bruce Klein brucek@emperor.scs.com ...uunet!emperor!brucek (408) 371 2900
perl%step@uunet.uu.net (Robert Perlberg) (02/19/91)
In article <1501@brchh104.bnr.ca>, emperor!unicorn!brucek@uunet.uu.net (Bruce Klein) writes: > Is there a good reason for any of these files to be world writable, or can > I restrict access? /etc/utmp must be world writable since shelltool creates entries there. This is an acknowledged problem. Robert Perlberg Dean Witter Reynolds Inc., New York {murphy | philabs | chuo}!step!perl
brendan@ai.mit.edu (Brendan Kehoe) (03/16/91)
>/etc/utmp must be world writable since shelltool creates entries there. >This is an acknowledged problem. I've used two different fixes at different times for this .. as long as you start a window that grabs the console (e.g. shelltool -C or cmdtool -C) as the very first thing that comes up, the messages "Make sure you can write to /etc/utmp!" get swallowed in there. The other option is to edit /usr/lib/libsun*.s{o,a}.* [I forget which, two of them have it], and replace the pathname /etc/utmp with /dev/null. That'll make it shut up. Note that with your windows not appearing in utmp, talk and a few other things won't work. But I think it's a fair tradeoff for someone being able to be on your system without you knowing, don't you? Brendan Kehoe - Widener Sun Network Manager - brendan@cs.widener.edu On hiatus at brendan@albert.ai.mit.edu whilst our router is down.